IN THE CLAIMS : 

Please amend claims 1-60, as shown in the complete list of claims that is presented 

below. 

1. (currently amended) A secret file access authorization system with fingerprint 
limitation, comprising; th e components as follows: 

[[An]] an authorization server provided with an authorization module, which provides 
a fingerprint template and an authorization secret [[key.]] key, the authorization module 
including a password fingerprint unit, an environment fingerprint sampling unit, and a time 
fingerprint sampling unit, which are set in parallel, as well as an authorization unit; 

[[An]] an encryption server provided with an encryption module, which generates a 
decryption secret key by accepting the authorization secret key provided by the authorization 
module, and produces [[the]] encrypted secret files by encrypting [[the]] secret files to be 
e ncrypted, encrypted; 

[[A]] a certification server provided with [[an]] the authorization module, which 
accepts the fingerprint template provided by the authorization module, accepts the decryption 
secret key provided by the encryption module and the authorization secret key claiming 
certification that is sent by [[the]] a client, and judges and confirms by providing [[the]] a 
certified decryption secret keyr key; and 

[[At]] at least one client machine, each of which is provided with a user module, 
which embeds [[the]] a kernel encryption/decryption unit into [[the]] a corresponding 
operation system kernel of the client, accepts the authorization secret key provided by the 
authorization module and the decryption secret key provided by the encryption module, sends 
the claiming of certification respectively to a certification module, opens the 
encryption/decryption unit with [[the]] a certified authorization secret key and the certified 
decryption secret key which is returned after the certification module makes the certification,, 
certification, and reads/writes the encrypted secret files. 
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2. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim K wherein the authorization server, the encryption server^ and 
the certification server are merged to constitute a system server, which is provided with the 
authorization module, the encryption module^ and the certification module. 

3. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1 5 wherein the authorization server and the encryption server are 
merged to constitute an authorization-and-encryption server, which is provided with the 
authorization module and the encryption module. 

4. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1, wherein the authorization server and the certification server 
are merged to constitute an authorization-and-certification server, which is provided with the 
authorization module and the certification module. 

5. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1, wherein the encryption server and the certification server are 
merged to constitute an encryption-and-certification server, which is provided with the 
encryption module and the certification module. 

6. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1, wherein the authorization module includes a password 
fingerprint unit, [[an]] the environment fingerprint sampling unit, and [[a]] the time 
fingerprint sampling unit unit, which ar e set in parallel, as well as th e authorization unit that is 
link e d with th e said thr ee units which are set in parallel respectively by [[the]] bidirectional 
programs; and wherein the authorization unit provides the authorization secret [[key;]] key, 
while the password fingerprint unit, the environment fingerprint sampling unit, and the time 
fingerprint sampling unit that are set in parallel provide the fingerprint template, altog e th e r. 



AMENDMENT 



-4- 



10/594,299 



7. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 6, wherein the authorization secret key is a binary string of a 
certain length. 

8. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 7, wherein the authorization secret key can bo is put into [[the]] 
an authorized entity. 

9. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 6, wherein the fingerprint template is a binary string of a certain 
length. 

10. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1, wherein the encryption module includes [[the]] a secret key 
generation unit and [[the]] an encryption unit, which are linked in sequence by [[the]] 
programs; wherein the secret key generation unit provides the decryption secret key after 
accepting the authorization secret key provided by the authorization module; and wherein the 
encryption unit accepts the input of secret files to be encrypted, and produces the encrypted 
secret files by using the decryption secret key provided by the secret key generation unit. 

11. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 10, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the authorization secret 
key. 

12. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 10, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the decryption secret 
key and the authorization secret key at the same time. 
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13. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1, wherein the certification module includes an environment 
fingerprint certification unit, a password fingerprint certification unit, and a time fingerprint 
certification unit set in parallel by accepting the fingerprint template provided by the 
authorization module; wherein a [[the]] certification interface unit is linked with them by 
[[the]] bidirectional programs, which and also accepts the decryption secret key provided by 
the encryption module and [[the]] a certification secret key from the user module claiming 
certification respectively, and provides the certified decryption secret key for the user module. 

14. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 1, wherein the user module includes [[the]] an application unit, 
[[the]] a kernel encryption/decryption unit and [[the]] an input/output unit, which are linked in 
sequence by [[the]] bidirectional programs; programs, as well as [[the]] an authorization input 
unit, which accepts the authorization secret key and sends it into the kernel 
encryption/decryption unit; wherein the kernel encryption/decryption unit provides the 
authorization secret key claiming certification for [[the]] a certification module, and accepts 
[[the]] a certified decryption secret key sent by the certification module; [[and]] wherein the 
input/output unit is coupled with the encrypted secret files bidirectionally; wherein the kernel 
encryption/decryption unit is embedded in the cli e nt operation system kernel. 

15. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 14, wherein the cli e nt operation system can b e is Microsoft 
Windows 95/98/ME/NT/2000/XP/2003 Server or Linux/Unix or Pocket, Symbian OS, 
Windows CE embedded operation system or Mac OS or Sun OS, Novell netware and other 
server or network operation systems. 

16. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 14, [[the]] wherein a program used by the application unit can be 
is Microsoft Office and its components or other desktop applications or embedded applications. 
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17. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 2, wherein the authorization module includes [[a]] die password 
fingerprint unit, [[an]] the environment fingerprint sampling unit a [[and a]] the time 
fingerprint sampling unit, which ar e set in parallel, as well as and the authorization unit; 
wherein the password fingerprint unit, the environment fingerprint sampling unit, and the time 
fingerprint sampling unit that is linked with th e said thr e e units which are set in parallel 
respectively by [[the]] bidirectional programs; wherein the authorization unit provides the 
authorization secret [[key;]] key, while the password fingerprint unit, the environment 
fingerprint sampling unit^ and the time fingerprint sampling unit that are set in parall e l 
provide the fingerprint template, altogether. 

18. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 3, wherein the authorization module includes [[a]] the password 
fingerprint unit, [[an]] the environment fingerprint sampling uni t, the [[and a]] time 
fingerprint sampling unit, which ar e set in parall e l, as well as and the authorization unit; 
wherein the password fingerprint unit, the environment fingerprint sampling unit, and the time 
fingerprint sampling unit that is link e d with the said throe units which are set in parallel 
respectively by [[the]] bidirectional programs; wherein the authorization unit provides the 
authorization secret [[key;]] key, while the password fingerprint unit, the environment 
fingerprint sampling unit A and the time fingerprint sampling unit that are set in parallel 
provide the fingerprint template, altogeth e r. 

19. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 4, wherein the authorization module includes [[a]] the password 
fingerprint unit, [[an]] the environment fingerprint sampling uni t, the [[and a]] time 
fingerprint sampling unit, which ar e set in parall e l, as well as and the authorization unit; 
wherein the password fingerprint unit, the environment fingerprint sampling unit, and the time 
fingerprint sampling unit that is link e d with the said three units which are set in parallel 
respectively by [[the]] bidirectional programs; wherein the authorization unit provides the 
authorization secret [[key;]] key, while the password fingerprint unit, the environment 
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fingerprint sampling unit, and the time fingerprint sampling unit that are set in parallel 
provide the fingerprint template, altog e ther. 

20. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 5, wherein the authorization module includes [[a]] the password 
fingerprint unit, [[an]] the environment fingerprint sampling uni t, the and a time fingerprint 
sampling unit, which are s e t in parall e l, as well as and the authorization uni t; wherein the 
password fingerprint unit the environment fingerprint sampling unit, and the time fingerprint 
sampling unit that is linked with the said three units which are set in parallel respectively by 
[[the]] bidirectional programs; wherein the authorization unit provides the authorization secret 
[[key;]] key, while the password fingerprint unit, the environment fingerprint sampling unit, 
and the time fingerprint sampling unit that are set in parallel provide the fingerprint template, 
altog e ther. 

21. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 17, wherein the authorization secret key is a binary string of a 
certain length. 

22. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 18, wherein the authorization secret key is a binary string of a 
certain length. 

23. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 19, wherein the authorization secret key is a binary string of a 
certain length. 

24. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 20, wherein the authorization secret key is a binary string of a 
certain length. 
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25. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 21, wherein the authorization secret key can be is put into [[the]] 
an authorized entity. 

26. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 22, wherein the authorization secret key can b e is put into [[the]] 
an authorized entity. 

27. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 23, wherein the authorization secret key can b e is put into [[the]] 
an authorized entity. 

28. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 24, wherein the authorization secret key can b e is put into [[the]] 
an authorized entity. 

29. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 17, wherein the fingerprint template is a binary string of a 
certain length. 

30. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 18, wherein the fingerprint template is a binary string of a 
certain length. 

3 1 . (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 19, wherein the fingerprint template is a binary string of a 
certain length. 
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32. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 20, wherein the fingerprint template is a binary string of a 
certain length. 

33. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 2 5 wherein the encryption module includes [[the]] a secret key 
generation unit and [[the]] an encryption unit, which are linked in sequence by [[the]] 
programs; wherein the secret key generation unit provides the decryption secret key after 
accepting the authorization secret key provided by the authorization module; and wherein the 
encryption unit accepts the input of secret files to be encrypted, and produces the encrypted 
secret files by using the decryption secret key provided by the secret key generation unit. 

34. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 3, wherein the encryption module includes [[the]] a secret key 
generation unit and [[the]] an encryption unit, which are linked in sequence by [[the]] 
programs; wherein the secret key generation unit provides the decryption secret key after 
accepting the authorization secret key provided by the authorization module; and wherein the 
encryption unit accepts the input of secret files to be encrypted, and produces the encrypted 
secret files by using the decryption secret key provided by the secret key generation unit. 

35. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 4, wherein the encryption module includes [[the]] a secret key 
generation unit and [[the]] an encryption unit, which are linked in sequence by [[the]] 
programs; wherein the secret key generation unit provides the decryption secret key after 
accepting the authorization secret key provided by the authorization module; and wherein the 
encryption unit accepts the input of secret files to be encrypted, and produces the encrypted 
secret files by using the decryption secret key provided by the secret key generation unit. 

36. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 5, wherein the encryption module includes [[the]] a secret key 
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generation unit and [[the]] an encryption unit, which are linked in sequence by [[the]] 
programs; wherein the secret key generation unit provides the decryption secret key after 
accepting the authorization secret key provided by the authorization module; and wherein the 
encryption unit accepts the input of secret files to be encrypted, and produces the encrypted 
secret files by using the decryption secret key provided by the secret key generation unit. 

37 (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 33, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the authorization secret 
key. 

38. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 34, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the authorization secret 
key. 

39. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 35, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the authorization secret 
key. 

40. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 36, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the authorization secret 
key. 

41. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 33, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the decryption secret 
key and the authorization secret key at the same time. 
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42. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 34, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the decryption secret 
key and the authorization secret key at the same time. 

43. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 35, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the decryption secret 
key and the authorization secret key at the same time. 

44. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 36, wherein the encryption unit accepts the input of the secret 
files to be encrypted, and produces the encrypted secret files by using the decryption secret 
key and the authorization secret key at the same time. 

45. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 2, wherein the certification module includes an environment 
fingerprint certification unit, a password fingerprint certification unit, and a time fingerprint 
certification unit set in parallel by accepting the fingerprint template provided by the 
authorization module; [[the]] and wherein a certification interface unit is linked with them by 
[[the]] bidirectional programs, which also accepts the decryption secret key provided by the 
encryption module and the certification secret key from the user module claiming certification 
respectively, and provides the certified decryption secret key for the user module. 

46. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 3, wherein the certification module includes an environment 
fingerprint certification unit, a password fingerprint certification unit, and a time fingerprint 
certification unit set in parallel by accepting the fingerprint template provided by the 
authorization module; [[the]] and wherein a certification interface unit is linked with them by 
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[[the]] bidirectional programs, which also accepts the decryption secret key provided by the 
encryption module and the certification secret key from the user module claiming certification 
respectively, and provides the certified decryption secret key for the user module. ) 

47. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 4, wherein the certification module includes an environment 
fingerprint certification unit, a password fingerprint certification unit, and a time fingerprint 
certification unit set in parallel by accepting the fingerprint template provided by the 
authorization module; [[the]] and wherein a certification interface unit is linked with them by 
[[the]] bidirectional programs, which also accepts the decryption secret key provided by the 
encryption module and the certification secret key from the user module claiming certification 
respectively, and provides the certified decryption secret key for the user module. 

48. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 5, wherein the certification module includes an environment 
fingerprint certification unit, a password fingerprint certification unit, and a time fingerprint 
certification unit set in parallel by accepting the fingerprint template provided by the 
authorization module; [[the]] and wherein a certification interface unit linked with them by 
the bidirectional programs, which also accepts the decryption secret key provided by the 
encryption module and the certification secret key from the user module claiming certification 
respectively, and provides the certified decryption secret key for the user module. 

49. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 2, wherein the user module includes [[the]] an application unit, 
the kernel encryption/decryption uni^ and [[the]] an input/output unit, which are linked in 
sequence by [[the]] bidirectional programs, and an programs; as well as th e authorization 
input unit, which accepts the authorization secret key and sends it into the kernel 
encryption/decryption unit; wherein the kernel encryption/decryption unit provides the 
authorization secret key claiming certification for the certification module, and accepts the 
certified decryption secret key sent by the certification module; and th e wherein an 
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input/output unit is coupled with the encrypted secret files bidirectionally; and wherein the 
kernel encryption/decryption unit is embedded in the cli e nt operation system kernel. 

50. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 3, wherein the user module includes [the]] an application unit, 
the kernel encryption/decryption unit A and [[the]] an input/output unit, which are linked in 
sequence by [[the]] bidirectional programs; as well as the programs, and an authorization 
input unit, which accepts the authorization secret key and sends it into the kernel 
encryption/decryption unit; wherein the kernel encryption/decryption unit provides the 
authorization secret key claiming certification for the certification module, and accepts the 
certified decryption secret key sent by the certification module; and the input/output unit is 
coupled with the encrypted secret files bidirectionally; and wherein the kernel 
encryption/decryption unit is embedded in the cli e nt operation system kernel. 

5 1 . (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 4, wherein the user module includes [[the]] an application unit, 
the kernel encryption/decryption unit^ and [[the]] an input/output unit, which are linked in 
sequence by [[the]] bidirectional programs; as well as the programs, and an authorization 
input unit, which accepts the authorization secret key and sends it into the kernel 
encryption/decryption unit; wherein the kernel encryption/decryption unit provides the 
authorization secret key claiming certification for the certification module, and accepts the 
certified decryption secret key sent by the certification module; [[and]] wherein the 
input/output unit is coupled with the encrypted secret files bidirectionally; and wherein the 
kernel encryption/decryption unit is embedded in the cli e nt operation system kernel. 

52. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 5, wherein the user module includes [[the]] an application unit, 
the kernel encryption/decryption unit a and [[the]] an input/output unit, which are linked in 
sequence by [[the]] bidirectional programs; as w e ll as th e programs, and an authorization 
input unit, which accepts the authorization secret key and sends it into the kernel 
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encryption/decryption unit; wherein the kernel encryption/decryption unit provides the 
authorization secret key claiming certification for the certification module, and accepts the 
certified decryption secret key sent by the certification module; [[and]] wherein the 
input/output unit is coupled with the encrypted secret files bidirectionally; and wherein the 
kernel encryption/decryption unit is embedded in the client operation system kernel 

53. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 49, wherein the cli e nt operation system can b e is Microsoft 
Windows 95/98/ME/NT/2000/XP/2003 Server or Linux/Unix or Pocket, Symbian OS, 
Windows CE embedded operation system or Mac OS or Sun OS, Novell netware and other 
server or network operation systems. 

54. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 50, wherein the client operation system can bo is Microsoft 
Windows 95/98/ME/NT/2000/XP/2003 Server or Linux/Unix or Pocket, Symbian OS, 
Windows CE embedded operation system or Mac OS or Sun OS, Novell netware and other 
server or network operation systems. 

55. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 5 1 , wherein the cli e nt operation system can b e is Microsoft 
Windows 95/98/ME/NT/2000/XP/2003 Server or Linux/Unix or Pocket, Symbian OS, 
Windows CE embedded operation system or Mac OS or Sun OS, Novell netware and other 
server or network operation systems. 

56. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 52, wherein the client operation system can b e is Microsoft 
Windows 95/98/ME/NT/2000/XP/2003 Server or Linux/Unix or Pocket, Symbian OS, 
Windows CE embedded operation system or Mac OS or Sun OS, Novell netware and other 
server or network operation systems. 
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57. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 49, wherein a [[the]] program used by the application unit can b o 
is Microsoft Office and its components or other desktop applications or embedded applications. 

58. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 50, wherein a [[the]] program used by the application unit can b e 
is Microsoft Office and its components or other desktop applications or embedded applications. 

59. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 51, wherein a [[the]] program used by the application unit can be 
is Microsoft Office and its components or other desktop applications or embedded applications. 

60. (currently amended) A secret file access authorization system with fingerprint 
limitation according to claim 52, wherein a [[the]] program used by the application unit can b e 
is Microsoft Office and its components or other desktop applications or embedded applications. 

61. (new) A secret file access authorization system with fingerprint limitation 
according to claim 1, wherein the environment fingerprint sampling unit determines whether a 
request for decryption of one of the encrypted secret files originated from a client machine 
that is authorized to decrypt said one of the encrypted secret files, and wherein the time 
signature sampling unit determines whether said request for decryption has occurred during a 
limited time window set for authorized decryption. 
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